NXDOMAIN redirection in BIND 9.9
Matus UHLAR - fantomas
uhlar at fantomas.sk
Mon Oct 3 14:48:19 UTC 2011
>On 9/30/2011 6:21 PM, Shawn Bakhtiar wrote:
>>"We came to the conclusion that no matter how much we wanted it to
>>not be true, people find a way to do NXDOMAIN if they want to. The
>>issue is not ours to push, it's between the ISP and the customer
>>ultimately, and people will do it -- and more intrusively -- than
>>BIND 9.9 will."
>>That is just giving in. To what WILL end up being akin (is akin) to
>>taking away access. The argument that everyone is doing it so let's
>>just facilitate it is a bad one. This is a cave in to bad behavior
>>which borders on freedom of speech violation, since your
>>sanctioning the ability to arbitrarily redirecting (without
>>redirecting) content. Important part being the sanctioning of.
On 30.09.11 19:43, David Miller wrote:
>You get to run your network how ever you like. This is your right.
>Turn the feature on if you like -or- make sure it is off if you don't
and he can blame ISC for providing the feature at all.
>You don't get to tell others how to run their networks. Well... you
>can tell them, but they don't have to listen to you...
He does, and (for example) you listen.
>Many organizations want to do NXDOMAIN redirections on their
>resolvers on their own internal networks or on guest wireless
>networks or on whatever networks they control for whatever reasons
and most of them are invalid, ill and sick. This won't change,
especially since we can expect more of people do it now, when ISC
provides a way do to it.
>Other resolvers have had the ability to do NXDOMAIN redirections for
>many years. The pressures keeping ISPs from implementing NXDOMAIN
>redirections has never been the fact that BIND didn't support it.
I hoped that ISC stays out of the world where companies will break
DNS to do something it is not designed for. Now I see it doesn't.
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I'm not interested in your website anymore.
If you need cookies, bake them yourself.
More information about the bind-users